KLA12123 Multiple vulnerabilities in Microsoft Azure

Detect date:

03/09/2021

Severity:

Critical

Description:

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information.

Affected products:

Azure Spring Cloud
Azure Kubernetes Service
Azure Container Instance
Azure Service Fabric
Azure Sphere

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

CVE-2021-27074
CVE-2021-27075
CVE-2021-27080

Impacts:

ACE

Related products:

Microsoft Azure

CVE-IDS:

CVE-2021-270746.2High
CVE-2021-270756.8High
CVE-2021-270809.3Critical

Microsoft official advisories: